Mid-sized enterprises face enormous challenges when they want to stand their ground in the dynamic business environment and the fiercely contested international competition. The progressively increasing globalisation, growing complexity, and rapid developments in the field of information technologies offer enormous chances but also entail new risks incessantly. Furthermore, a devastating earthquake in Japan, a volcanic eruption in Iceland, and a once-in-a-century flood in Thailand massively influenced the global business world in the year of 2011. According to the assessment of the Swiss Re reinsurance company, 2011 with all its earthquakes, floods, and storms has at yet produced the costliest damages in history. The macro-economic total damage has been estimated at 350 billion US dollars, which represents an increase by 58% compared to 226 billion US dollars in 2010. But the long-term planning of companies is also hampered by the increasing dynamics of the whole business environment, which is marked by volatile markets and framework conditions. A growing number of company bankruptcies is a logical consequence of such developments. For all these reasons, risk management has increasingly found its way into the companies in the last years. On the one hand, legal requirements imperatively call for an integrated approach to risk management, and on the other hand companies that want to operate successfully in the long run are forced to identify risks in the business environment as soon as possible in order to implement appropriate countermeasures.
Purchasing has a special and important role in this context. Due to ever shorter product life cycles, growing price pressure, increasing buyer power, and the constantly increasing globalisation, the classical order processing has been replaced by a business function that manages the external added value. An additional important point is that e.g. in Germany during the last 20 years the share of the material costs in manufacturing companies measured against the turnover has nearly doubled. Outsourcing, a specialisation in the core competencies of the companies, and the reduction of the in-house production depths are only some of
# Springer International Publishing AG 2017
U. Weigel, M. Ruecker,The Strategic Procurement Practice Guide, Management for Professionals, DOI 10.1007/978-3-319-57651-0_6
87
the reasons for the increasing materials usage. With materials ratios of often 50%
and more, added value networks have enormous hazard potentials. Unplanned incidents, triggered by supply bottlenecks or the collapse of a supplier in complex supply chains, can quickly produce a knock-on effect and thus massively compro-mise the business success of one’s home company. Therefore, a comprehensive, integrated risk management becomes a concrete task of Strategic Purchasing, and the question must be asked which forms such a risk management will take in the corporate practice. Which kinds of risks the purchasing department has to account for and which impacts has the risk management on the purchasing strategy?
Due to the closely interconnected partnership with suppliers regarding strategy, corporate policy, and technology, one also has to ascertain which risks the bank-ruptcy or its inability to deliver on time might involve and how these risks may be avoided by pre-emptive measures.
Due to its novelty, topicality, and increasing relevance, the risk management as part of the tasks of Purchasing shall be discussed in detail in this chapter. At first, the conceptual basics shall be considered and defined in order to enable a better classification and to avoid different interpretations. After the legal framework conditions have been outlined and the economic importance of the risk manage-ment has been clarified, the principles and peculiarities of the risk managemanage-ment in the purchasing department will be discussed.
6.1.1 Definition of the Risk Concept
Down to the present day, a generally accepted definition of the risk concept has not evolved in business studies. Often, risks related to causes are distinguished from risks related to effects; these two understandings of the risk concept complement one another. Related to its causes a risk is defined as business decision made on the basis of incomplete information regarding the future. The achievement of the targets can be compromised by unforeseeable developments or events. The possi-bility of such (negative) deviations from the targets forms the core of the second, effects-related risk definition.1From these two parts, a consensus emerges related to the possibility of negative deviations from a reference parameter. Thus, risk can be understood as the possible occurrence of an event that will have a negative influence on the realisation of targets that have been defined on the basis of imperfect expectations.2
Risk management in this context means a method of business management which aims at reducing risks. The target is not to avoid risks completely but to control and manage them effectively. Risk management therefore includes all measures that are used to identify and evaluate potential risks as well as all measures used for controlling already identified risks with the help of suitable
1Siebermann and Vahrenkamp (2007, p. 14).
2Cf. Brünger (2011, p. 16).
strategies and methods. In summary, the main tasks of the risk management consist of the timely identification of risks, the in-depth understanding of the consequences if these risks are taken, the limitation of risks that might compromise the success, and the efficient handling of risks.3
6.1.2 Legal and Financial Framework Conditions
The risk management issue has for a long time been neglected by the legislation but is increasingly gaining in importance in current discussion. The legal requirements concerning risk management are confined to only a few laws. In Germany, the legal basis is the 1998 Corporate Sector Supervision and Transparency Act (KonTraG), which can be regarded as an addition to the German Companies Act. In this, the governing body of a company is required to take measures appropriate for the early identification of developments that might endanger the continued existence of the company, especially by establishing a controlling system. Furthermore, the risk management system of stock companies is required to safeguard the early identifi-cation of risks concerning the survival of the company. These duties of care analogously also apply to the management of companies with other legal forms (e.g. limited companies). The KonTraG aims to ensure that risks that affect the survival of the company can be detected and averted at an early stage. However, there are no concrete guidelines as to how this controlling should be implemented.
Apart from legal requirements, risk management systems are increasingly affected by financial framework conditions, e.g. by the Basel II agreement on equity capital developed by the Basel Committee on Banking Supervision (BCBS) by which the safety and solidity of the international financial system shall be stabilised. The essential point of the Basel framework agreement requires that banks must have a certain amount of equity capital which depends on the relative risks measured with the help of diverse complex methods.
These risks are composed of credit, market, and for the first time also of operational risks. In order to optimally devise the equity capital demands, banks make use of rating procedures for evaluating the credit-worthiness of their clients.
If a company has an operative risk management system, this is regarded as a collateral by the lending bank and consequently has a positive influence on the company’s credit-worthiness,4with direct repercussions on the borrowing costs of the company.
Since 2013, the Basel III reform package has gradually come into effect, a package formed in reaction to the weaknesses of the hitherto existing bank control system that had been revealed by the global financial and economic crisis of 2007.
Basel III includes, amongst others, an enhancement of the core capital quota of banks. Resulting from that, further improvements concerning the quality of risk
3Grundmann (2008, p. 10).
4Cf. Fiege (2006, p. 71).
management systems are being expected; however, another consequence will be that these requirements will be passed on to individuals and companies.
6.1.3 The Economic Importance of Risks
According to a study of the Fraunhofer-Institut, 86% of the companies that were surveyed in 2010 believed that the importance of risk management in their companies has increased.5Apart from the legal requirements, this growing interest in risk management is mainly caused by economic aspects. This development is triggered by constant alterations of the economic, technical, political, legal, or social framework conditions. Further aspects are the growing expectations of holders, employees, and the public as well as increasing requirements with regard to the efficiency of the companies.
Risk management can be a decisive competitive factor especially for export-oriented companies. Fluctuations in the raw materials and currency market can considerably compromise the calculations of companies. Furthermore, natural disasters tend to occur more often globally. In the context of changed economic structures, the impacts of natural disasters are no longer confined to the areas that are directly affected by them. The repercussions of natural disasters are felt worldwide due to global financial interdependencies and supply chains. Thus, the once-in-a-century flood in Thailand that lasted several weeks during the autumn of 2011 caused worldwide supply bottlenecks and even loss of production in the electronic and automotive industries (see Chap. 5) as purchasers in the whole world were affected by delivery shortages of important Asian suppliers.
Thus, companies often have no other choice than to take risk management very seriously. Furthermore, effective risk management systems offer the opportunity for realising true result improvements provided that the decisions which risks should be taken and how the existing risks should be limited and controlled are consciously made.
6.1.4 Risk Management in Purchasing
In the classical sense, the purchasing sector includes all strategic and operative activities concerning the supply of raw materials, products, or equipment (see the detailed description in Chap.1).
The tendency of orienting the purchasing function strategically on the one hand is based on the increased procurement volumes the Purchasing is responsible for.
Due to these volumes, the results of the companies depend to an ever-growing degree on the competence of the purchasing sector. Furthermore, the purchasing is also strategically influenced by increasing complexities of the procurement fields
5Schatz et al. (2010, p. 33).
that are caused by outsourcing, concentration on core competencies, or the reduc-tion of in-house producreduc-tion depths. Especially by concentrating on their strengths, many companies make themselves highly dependent on their suppliers. If these suppliers drop out all of a sudden, cost-intensive supply bottlenecks are only the tip of the iceberg as additional unplanned investments must be made for the subsequent identification and qualification of new partners. Furthermore, scheduling delays may compromise or even endanger planned projects and the market launch of new products.
In Purchasing, risk management has to tackle those points where the fundamen-tal targets of the procurement may be put at risk.6Purchasing risks in this context are dependent on many factors such as the company itself, the products to be procured, the procurement markets, or the country from which the respective product is procured. Purchasing risks, for that matter, are to be regarded as an aspect of the cross-company risk management.
Classical procurement risks such as shortfalls, poor quality, or price fluctuations in the context of globalised markets gain in complexity as risks often tend to occur at interfaces between the home company and the supplier.
Concrete measures concerning purchasing that are taken by the risk management are, amongst others, the systematic selection, development, and supervision of suppliers as well as the devising of courses of action with respect to possible risk situations.